Critical Security Updates: Cisco Fixes SD-WAN Vulnerability, Microsoft Exchange Exploited

Anuj May 17, 2026
www.news4hackers.com-critical-security-updates-cisco-fixes-sd-wan-vulnerability-microsoft-exchange-exploited-critical-security-updates-cisco-fixes-sd-wan-vulnerability-microsoft-exchange-exploited
Post Views: 2

Vulnerabilities Patched and Exploited

Cisco has patched a zero-day vulnerability in its SD-WAN Controller that has been exploited by a highly sophisticated cyber threat actor.

CVE-2026-20182 Authentication Bypass Flaw

The vulnerability affects the Catalyst SD-WAN Controller and is currently being tracked as CVE-2026-20182.

Microsoft Exchange Server Vulnerability

A critical XSS vulnerability (CVE-2026-42897) in Microsoft Exchange Server is also being exploited by attackers. A permanent fix is still in the works, but Microsoft has provided temporary mitigations to prevent exploitation.

Linux Kernel Vulnerability

A newly disclosed local privilege escalation (LPE) vulnerability in the Linux kernel, known as “Fragnesia” (CVE-2026-46300), has been discovered. This vulnerability is related to the previously disclosed “Dirty Frag” bug and could potentially allow attackers to gain elevated privileges on affected systems.

Importance of Timely Patching

These vulnerabilities highlight the importance of timely patching and the need for organizations to stay vigilant against emerging threats.

Div Quote

“According to Cisco, the vulnerability has been exploited by a highly sophisticated cyber threat actor.”

Temporary Mitigations

Microsoft has provided temporary mitigations to prevent exploitation of the XSS vulnerability in Microsoft Exchange Server.




About Author

Anuj

See author's posts

More Stories

www.news4hackers.com-india-unveils-ai-powered-mulehunter-ai-for-anti-cybercrime-efforts-india-unveils-ai-powered-mulehunter-ai-for-anti-cybercrime-efforts

India Unveils AI-Powered “MuleHunter.ai” for Anti-Cybercrime Efforts

Anuj May 16, 2026
www.news4hackers.com-chrome-browser-update-fixes-critical-security-flaws-chrome-browser-update-fixes-critical-security-flaws

Chrome Browser Update Fixes Critical Security Flaws

Anuj May 15, 2026
www.news4hackers.com-instagram-removes-end-to-end-encryption-from-messaging-feature-privacy-advocates-react-instagram-removes-end-to-end-encryption-from-messaging-feature-privacy-advocates-react

Instagram Removes End-to-End Encryption from Messaging Feature, Privacy Advocates React

Anuj May 11, 2026

Latest Cyber Security News

www.news4hackers.com-critical-security-updates-cisco-fixes-sd-wan-vulnerability-microsoft-exchange-exploited-critical-security-updates-cisco-fixes-sd-wan-vulnerability-microsoft-exchange-exploited

Critical Security Updates: Cisco Fixes SD-WAN Vulnerability, Microsoft Exchange Exploited

Anuj May 17, 2026
www.news4hackers.com-scammers-use-physical-phishing-methods-to-target-ledger-wallet-users-scammers-use-physical-phishing-methods-to-target-ledger-wallet-users

Scammers Use Physical Phishing Methods to Target Ledger Wallet Users

Anuj May 17, 2026
www.news4hackers.com-grafana-rejects-ransom-demand-following-source-code-theft-grafana-rejects-ransom-demand-following-source-code-theft

Grafana Rejects Ransom Demand Following Source Code Theft

Anuj May 17, 2026
www.news4hackers.com-1-lakh-scam-unveils-152-crore-cyber-crime-ring-nationwide-operation-busts-mule-accounts-1-lakh-scam-unveils-152-crore-cyber-crime-ring-nationwide-operation-busts-mule-accounts

₹1 Lakh Scam Unveils ₹152 Crore Cyber Crime Ring: Nationwide Operation Busts Mule Accounts

Anuj May 17, 2026
delhi-police

Delhi Police Crackdown on Sex Trafficking Ring in Rajasthan

Anuj May 17, 2026
en_USEnglish
en_USEnglish